> For the complete documentation index, see [llms.txt](https://docs.fortifiedid.se/management-center/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.fortifiedid.se/management-center/the-service/about-this-release/release-notes.md). # Release notes ## Management Center - Release Notes ### Version 2.1.0 This release focuses on configuration workflows in Control, Access, Forms, Portal, and Password Reset. It adds new typed configuration views, improved schedule, flow, and step editing, runtime observability for pipes, and a broad set of fixes that make generated configuration safer and easier to manage. *** #### Key Highlights * Added Control support in Management Center, including the Control product area, correct product imagery, improved subtitle styling, and fixes for Control flow discovery. * Added and refined schedule management, including schedule editing, pipe handling in the left navigation, cleaner scheduler layout, corrected custom text behavior, and aligned schedule navigation and documentation links. * Added dedicated UI panels for flow and step configuration, including flow-level fields, `Requires roles`, documentation links, and a tabbed step editor for general settings, controls, and advanced layout JSON. * Added a broad set of typed configuration views for Access authenticators and OIDC or SAML-related configuration, reducing the need to edit raw JSON. * Added runtime and discovery APIs for pipe metrics and known Control UI controls. * Added Password Reset rule policy management so multiple password rule policies can be configured and one policy can be selected as default. ### Delivered in this iteration #### Control, Forms, Schedules, and Flows * Added the new Control area in Management Center and corrected the missing Control image. * Fixed Control flow discovery so default Control flows are found and can be opened correctly. * Added schedule editing with create, update, delete, and pipe association support. * Moved scheduler pipe handling to the left navigation and made scheduler pipes use `display_name` instead of the internal `id` where available. * Removed redundant scheduler fields from the UI and improved layout for scheduler settings, including stable placement for `run on start`, `parallel`, and custom text fields. * Updated the schedule top-level row to match the visual pattern used by API Endpoints and corrected the schedule documentation link. * Added a dedicated flow configuration panel so common flow fields can be edited without going directly to JSON. * Added UI support for `Requires roles` on Forms flows. * Corrected documentation links for flows and flow steps and added documentation support for individual steps. * Added a tabbed step editor with general step settings, control CRUD, and an advanced layout JSON editor. * Added an API for listing known Control UI controls using the same discovery pattern as known valves. * Fixed `DataGridUpdate` behavior so searches do not execute prematurely and added a dedicated search field for adding new entries. #### Access Configuration * Added dedicated typed configuration views for `Passkey`, `CertificateAuth`, `UserNameAndPassword`, `ExternalFlow`, `UserLookup`, `IwaAuthentication`, `OTPValidator`, `SSOAuthenticator`, `AuthController`, `EnrichIdentity`, `Impersonate`, `ImpersonateWithSearch`, `FrejaWithUserInput`, `FrejaWithQRCode`, `SithsWithQr`, `NiasOnOtherDevice`, `NiasOnSameDevice`, `StaticSAML`, `SAMLSPBroker`, `OIDCRP`, `OIDCAuthCodeFlow`, and `OIDCImplicitFlow`. * Updated the `OidcRpAuthenticator` UI with support for `acr_values`, `cancel_on_errors`, and `cancel_on_error_description_patterns`. * Updated the default values used when creating `OIDCRP Auth`. * Added support for application-specific authorization configuration on applications. * Added a panel for selector work based on the Access selector implementation. * Updated selector handling so `label` is used as the display name when managing authenticators and when using the right-hand configuration view. * Fixed BankID test mode so it writes the correct `config.mode` value. * Fixed BankID selector handling so adding a BankID authenticator creates a valid selector option with a `label`. * Fixed chain editing so newly added authenticators are written to the correct JSON location. * Fixed OTP validator handling so unexpected `pre_pipe` behavior no longer creates confusion in the UI. * Locked SAML Trusted Application authorization editing when the application is linked to a SAML Profile. * Corrected the values shown in SAML Attribute `NameFormat` dropdowns and the SAML NameID format dropdown. * Fixed `HttpClient` configuration so `non_proxy_hosts` is saved in a runtime-compatible array format. * Added an error in `HttpClientSelectionWidget` when the referenced `HttpClient` is missing. * Corrected the category used for `NoOp` so the add flow and left navigation are consistent. #### Password Reset, Portal, and Shared Configuration * Added a Password Reset rule policy interface for `rule_policies`, including policy creation, policy IDs, per-policy rules, exactly one default policy, validation, and compatibility with legacy `rules` configuration. * Fixed Portal card editing so unsaved `Required Roles` input from one card does not remain visible when switching to another card. * Updated the SMTP valve view, including migration from legacy `*_parameter` fields and support for `ignore_smtp_timeout`. * Updated module defaults so only `InformationEndpoint` keeps the `group` property where applicable, using `group: "last"`. * Updated the default customer folders for Access, Control, Portal, and Password Reset to align `group` handling and included modules. * Corrected the default `op_default.json` logout endpoint shipped with Access. #### Runtime, Installer, and UI Improvements * Added a Management Center runtime API for pipe metrics that returns structured metrics per pipe and valve. * Added the Management Center version number to the `/disco` page. * Fixed a Windows installer issue where product selection did not work correctly. * Increased the width of the `display_name` input when editing pipes. * Added the active application name directly in the `Pipe Configuration` tab to reduce context switching. * Improved subpipe handling so subpipes appear in the left navigation and can be created or deleted using the same interaction patterns as other resources. * Adjusted the unsaved and undeployed node indicator logic so unsaved state takes precedence. * Fixed pipe test handling so globals can be expanded correctly. * Reordered the `JSON` and `Test` buttons in the pipe view so `JSON` is shown on the far right. * Added matching brackets in Monarch to make long expressions easier to read and edit. * Cleared the right-hand configuration panel after deleting a valve. * Added a warning when closing a modal with unsaved changes. * Updated the Control subtitle styling to align better with the other products. ### Version 2.0.0 This release focuses on configuration workflows in Control, Access, Forms, and Portal, with new typed configuration views, improved schedule and flow editing, better runtime observability for pipes, and a broad set of usability fixes across the Management Center UI. *** #### Key Highlights * Added schedule management in Forms configuration, including CRUD support, navigation updates, and multiple scheduler usability fixes * Added a broad set of dedicated form-based configuration views for Access authenticators and OIDC or SAML-related configuration * Added a runtime API for pipe metrics per pipe and valve * Improved flow editing with a dedicated flow panel and corrected documentation links for flows, flow steps, and schedules * Delivered a broad set of UI improvements for pipes, forms, modal handling, Monaco editing, installers, and default configuration content ### Delivered in this iteration #### Configuration and Editing * Added schedule editing in Forms configuration with create, update, delete, and pipe association support * Added several Control scheduler refinements, including better placement of pipes in the left navigation, removed redundant components, layout cleanup for `run on start` and `parallel`, improved custom text handling, and fixes for flow discovery in Control * Updated the schedule navigation row to align visually with API Endpoints and added the correct documentation link * Added a dedicated UI panel for flow configuration so common flow fields can be edited without going directly to raw JSON * Corrected the documentation link in the flow step view * Added documentation support for individual flow steps * Added dedicated typed configuration views for `Passkey`, `CertificateAuth`, `UserNameAndPassword`, `ExternalFlow`, `UserLookup`, `IwaAuthentication`, `OTPValidator`, `SSOAuthenticator`, `AuthController`, `EnrichIdentity`, `Impersonate`, `ImpersonateWithSearch`, `FrejaWithUserInput`, `FrejaWithQRCode`, `SithsWithQr`, `NiasOnOtherDevice`, `NiasOnSameDevice`, `StaticSAML`, `SAMLSPBroker`, `OIDCRP`, `OIDCAuthCodeFlow`, and `OIDCImplicitFlow` * Updated the UI for `OidcRpAuthenticator` with support for `acr_values`, `cancel_on_errors`, and `cancel_on_error_description_patterns` * Updated the SMTP valve view, including migration from legacy `*_parameter` fields and support for `ignore_smtp_timeout` * Updated the default values used when creating `OIDCRP Auth` * Added support for application-specific authz configuration on applications #### Runtime and Service Improvements * Added a Management Center runtime API for pipe metrics that returns structured metrics per pipe and valve * Added the Management Center version number to the `/disco` page * Fixed a Windows installer issue where product selection did not work correctly #### UI and Usability Improvements * Increased the width of the `display_name` input when editing pipes * Added the new Control area and fixed the missing Control image * Updated selector handling so `label` is used as the display name in authenticator management views * Adjusted the unsaved and undeployed node indicator logic so unsaved state takes precedence * Fixed pipe test handling so globals can be expanded correctly * Reordered the `JSON` and `Test` buttons in the pipe view so `JSON` is shown on the far right * Added matching brackets in Monarch to make long expressions easier to read and edit * Cleared the right-hand configuration panel after deleting a valve * Added a warning when closing a modal with unsaved changes * Fixed chain editing so newly added authenticators are written to the correct JSON location * Fixed OTP validator handling so unexpected `pre_pipe` behavior no longer creates confusion in the UI * Updated the Control subtitle styling to align better with the other products #### Forms and Data Grid Improvements * Fixed the `DataGridUpdate` search workflow so searches behave more consistently and do not trigger premature execution * Added a dedicated search field for adding new entries in `DataGridUpdate` #### Default Configuration Updates * Updated module defaults so only `InformationEndpoint` keeps the `group` property where applicable * Updated the default customer folders for Access, Control, Portal, and Password Reset to align `group` handling and included modules * Updated the default Password Reset customer folder so only `InformationEndpoint` keeps the `group` property, using `group: "last"` * Corrected the default `op_default.json` logout endpoint shipped with Access ### Additional Updates * Improved subpipe handling in the UI so subpipes appear in the left navigation and can be created or deleted using the same interaction patterns as other resources * Added the active application name directly in the `Pipe Configuration` tab to reduce context switching * Fixed Portal card editing so unsaved `Required Roles` input from one card does not remain visible when switching to another card ### Version 1.3.1 This release focuses on enhancing the management experience across all products, with significant additions for Password Reset integration, improved SAML and OIDC configuration workflows, and numerous quality-of-life improvements. *** #### Key Highlights * Complete Password Reset integration with dedicated UI and configuration management * Enhanced SAML Profile support with improved application management * Automatic display name generation for pipes, steps, and flows * Improved OIDC RP and OP configuration workflows * Standardized terminology across all products ("Authenticators", "Credential Validators") * Bug fixes and UI consistency improvements ### New Features #### Password Reset Management **Complete Password Reset Integration** Management Center now includes full support for managing Password Reset deployments, bringing the same powerful configuration capabilities available for Access, Portal, and Forms to password management workflows. * **Dedicated Password Reset UI** - New management interface specifically designed for Password Reset configuration * **Password Rules Configuration** - API and UI for managing password complexity rules and validation policies * **Self-Reset Pipe Management** - Configure and manage self-service password reset workflows * **Delegated Reset Configuration** - Set up and manage delegated password reset scenarios for helpdesk use * **ADResetClient Module** - Added missing ADResetClient module for Active Directory password write-back operations * **Installer Integration** - Password Reset now included in the unified Management Center installer * **Documentation Updates** - Complete documentation for ports, configuration, and deployment **Configuration Updates:** * Updated default logout endpoint URL: `${globals.host_uri}pwdreset/logged_out/` * Added display names for default Password Reset pipes * Updated Discovery page to include Password Reset service #### SAML Profile Management **Enhanced SAML Application Workflows** Significant improvements to SAML Profile creation and management make it easier to manage multiple applications sharing common SAML configurations. * **Profile Creation and Management** - Create SAML Profiles to share configuration across multiple applications * **Profile Selector** - New UI component for selecting profiles when configuring SAML applications * **Application View Integration** - Profiles now appear in the application listing view * **Profile Association Display** - See which applications are using each SAML Profile * **Improved Pipe Creation** - Pipe creation for SAML SP and Profile objects moved to dedicated view for better workflow **Visual Improvements:** * New icons for SAML Profiles matching the visual style of OIDC RP icons * Tags now properly displayed on profiles and RPs * Application view sorted by display name for easier navigation * Updated search placeholder text for better clarity #### OIDC Improvements **Enhanced OpenID Connect Configuration** Multiple improvements to the OIDC configuration experience make it easier to set up and manage OpenID Connect integrations. * **Improved Discovery Metadata** - Added `id_token_alg_values_supported` to Implicit Flow discovery metadata * **Better Default Handling** - Fixed default keystore display in UI for new OP configurations * **RP Template Improvements** - Corrected pipe\_id handling in RP templates * **Claims Editor Enhancement** - Expanded JSON editor for claims configuration * **Documentation Links** - Fixed documentation links for RP configurations **Parameter Updates:** * Removed `sign_` prefix from Authentication and Implicit Flow parameters for consistency * Updated parameter naming conventions across OIDC configurations *** ### Improvements #### Display Name Management **Automatic Display Name Generation** The system now automatically generates meaningful display names for pipes, steps, and flows, improving readability and making it easier to identify components at a glance. * **Flow Display Names** - Automatically generated when creating new flows * **Step Display Names** - Auto-generated for steps within flows * **Pipe Display Names** - Meaningful names for pipes based on their purpose: * Authenticator pipes get descriptive names based on authentication method * SAML SP pipes get names derived from the SP configuration * SAML Profile pipes use profile-based naming * OIDC RP pipes use RP-based naming * Default Password Reset pipes include service-specific names **UI Consistency:** * Display names now used consistently throughout the UI * Primary display uses display\_name field instead of technical ID * Fallback to technical ID when display\_name is not available #### Configuration Management **Default Configuration Updates** Standardized default configurations across all products for consistency and better out-of-the-box experience. * **Access** - Updated default configurations for improved SAML and OIDC workflows * **Portal** - Refreshed default settings aligned with other products * **Forms** - Updated flow and pipe defaults * **Password Reset** - New default configuration optimized for common use cases **Configuration Improvements:** * Fixed TokenAuthentication valve default value that caused startup issues * Removed unnecessary service file from Forms Windows deployment * Updated HTTP listener creation with improved defaults * Better cascade handling for HTTP listener deletion #### User Interface Enhancements **Terminology Standardization** Updated terminology across the interface for consistency and clarity: * "OPTIONS" changed to "CREDENTIAL VALIDATORS" * "OIDC" changed to "OIDC RP" where appropriate * Consistent use of "Authenticators" throughout Access configuration **Visual Improvements:** * Added icons throughout configuration interfaces for Access, Portal, and Forms * Improved dropdown list visual styling with proper borders * Fixed scrollbar behavior when adding new modules * Reduced unnecessary spacing for more compact displays * Better metadata component positioning * Enhanced tab retention during updates **Navigation Improvements:** * Expandable navigation headings in left panel (now consistent across all products) * Orange indicator properly shows unsaved changes across all contexts * "Changes saved but not deployed" indicator positioning improved * Fixed tab focus retention during RJSF form updates *** ### Bug Fixes #### OIDC Fixes * Fixed RP creation failures * Corrected path generation when editing OP objects from MC * Fixed discovery functionality * Resolved Implicit Flow tokens tab issues * Fixed NPE when deleting OP set as default * Corrected order field handling for new OIDC Chain entries * Fixed RP JSON editor data persistence #### SAML Fixes * Fixed default metadata file value appearing when creating new SAML SP * Corrected IdP value selection when creating new SAML SP or Profile * Fixed pipe name showing "undefined" when created for SAML SP * Resolved attribute settings handling for SAML applications * Fixed field population when SAML Profile is selected #### JSON Editor Fixes * Standardized JSON editor behavior across Access, Forms, and Portal * Fixed "Discard changes" functionality in pipe JSON mode * Added proper validation to prevent updating with invalid JSON * Consistent behavior for all JSON editing contexts #### General Fixes * Fixed filter clearing not resetting search field * Corrected application update API to consolidate multiple calls into single request * Fixed expansion/collapse behavior for nested categories * Resolved "Change user" button visibility issues * Fixed documentation links opening in same window * Corrected module documentation link targets *** ### API Enhancements #### New Endpoints * **SAML Profile API** - Complete CRUD operations for SAML Profiles * **System Variables API** - Retrieve system variables for configuration * **Flow Management** - Enhanced flow deletion and listing APIs #### API Improvements * Consolidated application listing into single API call for better performance * Improved request handling for setting OP to null in RP configurations * Better error handling for module creation and deletion * Enhanced cascade deletion for dependent resources *** ### Technical Details #### Module Updates **New Modules:** * ADResetClient - Active Directory password reset client * ExternalFlow - External flow authentication support **Missing Modules Added:** * OIDC module now available in configuration * SAML & OIDC modules properly displayed on configuration start page * Three missing Forms modules added to UI #### Deployment Improvements * Named EXE files for better service identification * Updated install\_service.ps1 with registry value parameters for upgrades * Fixed hardcoded memory values in install\_service.ps1 * Improved service upgrade process #### Performance Optimizations * Reduced unnecessary API calls in application views * Optimized module refresh behavior * Cached version check results for better performance * Improved entity load operations *** ### Breaking Changes #### Java 25 Upgrade Management Center now requires Java 25. Please review the upgrade documentation for migration instructions: * Updated runtime requirements * Configuration adjustments may be needed * See documentation for detailed upgrade steps *** ### Upgrade Notes #### Password Reset If you're adding Password Reset to an existing Management Center installation: 1. **Installer** - Use the unified installer which now includes Password Reset 2. **Configuration** - Default configuration files are provided 3. **Modules** - ADResetClient module is now included 4. **Ports** - Review documentation for required port configurations #### SAML Profiles If you're using SAML applications: 1. **Profile Support** - Consider using SAML Profiles for applications sharing common configuration 2. **Display Names** - Review auto-generated display names and customize as needed #### OIDC If you're using OpenID Connect: 1. **Parameter Names** - Review configurations for updated parameter naming (removed `sign_` prefix) 2. **Discovery** - New discovery metadata fields automatically included 3. **Display Names** - OIDC RP pipes now have meaningful auto-generated names #### Display Names For existing flows, steps, and pipes: 1. Display names are auto-generated for new items 2. Existing items without display names will continue to use technical IDs 3. Consider adding display names to existing items for better readability ### 1.3.0 This release primarily focuses on enhancing the administrative interface to make day-to-day administration simpler, clearer, and more efficient. Improvements have been made to usability, structure, and workflows, with the goal of reducing complexity and helping administrators perform common tasks more quickly and with greater confidence. Overall, the update provides a more streamlined and intuitive experience for administrative users, laying a stronger foundation for future improvements. Key highlights include: * Improved configuration and management of OIDC PR and OP. * Simplified IdP configuration and setup. * A more streamlined approach to connecting and configuring multiple applications, reducing manual steps and configuration effort. ### 1.2.0 ### Updated scripts for upgrading products on Windows This update applies only to installations on Windows. The updated script addresses two issues: 1. **Memory settings** — Any custom memory configuration was previously reset to the default value during an upgrade. 2. **Startup working directory** — The startup working directory was not updated correctly from the installed version. When upgrading each product in Management Center (Access, Forms, and Portal), a PowerShell script is used. This script must be replaced with the updated version provided in this ZIP file for each respective product. 1. Navigate to: drive:\Program Files\FortifiedID\mgmt-center\data\customer\\bin 2. Replace the existing install\_service.ps1 file with the corresponding file from this ZIP archive. Download **update.zip** below for the updated scripts. {% file src="/files/7ipdss01qEaAueLsCxqQ" %} ### 1.2.0 ### Available for linux Installation now supports Linux distributions including Debian, Red Hat, and Ubuntu. The required service manager is systemd (systemctl). ### Java version update When using windows JAVA 25 is shipped as default ### Forms is now included Adding Fortified ID Forms application under the "managed umbrella". A default set up is included in the forms mc installation for showcasing the capabilities of Fortified ID Forms application. ### Updated UI panels Several new panels and logic enhancements have been added, making configuration more streamlined and user-friendly. ### OIDC UI improvements Creating and editing OIDC OP (OpenID Provider) and RP (Relying Party) configurations has been significantly improved, offering a more intuitive interface, better validation, and streamlined workflows. ### Resource UI improvements Categorisation of resources provides a clearer overview and improved management of grouped resources. ## 1.1.0 ### Creation of all entities UI now allows for creation of entities such as IDP, authenticators & modules. ### UI panels for pipes First iteration of simplified UI for 105 valves. ### Quick setup of second SAML logical IDP Creation SAML 2.0 IDP creates basic setup. Gets you going i minutes. ### Portal added under the MC umbrella Portal is now managed using Management Center. Can be used either as separate container or included in windows installer. ### Documentation links Links to documentation is added to MC components. ### General UI updates ### 1.0.0 First release --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter: ``` GET https://docs.fortifiedid.se/management-center/the-service/about-this-release/release-notes.md?ask=&goal= ``` `ask` is the immediate question: it should be specific, self-contained, and written in natural language. `goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.